Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/1aa38486-cd53-4f48-891d-a0191edf04a1.roa
File: 1aa38486-cd53-4f48-891d-a0191edf04a1.roa (raw, json)
Hash identifier: afYvwdbMZh9xX0zrCYDWGDzcKsZ1NZZ0NVcPT2AicTM=
Subject key identifier: EC:D9:26:39:6C:EB:85:BC:19:9C:DC:2D:43:40:94:A5:06:A1:A8:97
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 1F1B9C5BB5AC143F000ABD5743965AD91260DC59
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/1aa38486-cd53-4f48-891d-a0191edf04a1.roa
Signing time: Mon 01 Sep 2025 19:50:07 +0000
ROA not before: Mon 01 Sep 2025 19:50:07 +0000
ROA not after: Mon 06 Oct 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d000:90c0::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 09 Sep 2025 10:00:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1f:1b:9c:5b:b5:ac:14:3f:00:0a:bd:57:43:96:5a:d9:12:60:dc:59
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Sep 1 19:50:07 2025 GMT
Not After : Oct 6 23:59:59 2025 GMT
Subject: serialNumber=da647cde1ece6fe02522c42e39a013170325831b135eb1a04dd7d3ea7aced329, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:eb:45:f4:e3:d2:e5:e7:81:c3:c7:c9:82:34:c2:
41:ec:cb:7d:48:a6:2f:27:94:9d:ad:10:eb:1d:b6:
15:31:61:ad:b5:0e:d1:ef:f4:50:41:51:e5:5a:a4:
c3:e4:27:7a:b7:3c:fd:4a:84:7b:3d:80:3b:16:b3:
2e:6e:de:11:fe:cc:b6:fb:d3:39:9a:85:3f:74:c9:
ba:20:81:d6:38:65:3e:5e:8a:e6:9c:2b:11:a3:d4:
af:7a:78:ad:eb:33:c8:f7:e2:b5:d1:15:25:02:5f:
db:da:91:50:c7:5d:a3:d3:58:fa:62:f9:ba:63:98:
d4:2d:72:2d:37:35:dc:30:c2:94:bd:8e:2a:c1:10:
bb:6e:ee:44:8a:e7:39:26:20:8d:24:2d:71:3b:37:
9e:83:26:3f:9e:79:2e:15:f1:a3:4d:21:d9:7c:1d:
2d:bc:2a:29:37:19:02:72:2d:d7:f6:2a:16:bd:33:
78:c2:d2:fd:c5:f5:fd:3d:b6:36:e4:50:cc:37:b3:
32:2a:5d:de:59:ba:74:ed:a0:ca:e2:d0:a6:cd:8a:
1e:e0:ca:6b:0d:5f:c6:30:ed:fc:47:2b:04:d1:5f:
32:a4:2a:47:1b:7a:36:ec:e8:6e:41:07:5a:c4:de:
d1:5e:99:a7:cd:f6:d5:44:9d:63:09:96:b0:fb:b3:
9a:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EC:D9:26:39:6C:EB:85:BC:19:9C:DC:2D:43:40:94:A5:06:A1:A8:97
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/1aa38486-cd53-4f48-891d-a0191edf04a1.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d000:90c0::/48
Signature Algorithm: sha256WithRSAEncryption
72:59:a3:0e:d2:a6:4f:47:d3:51:a0:71:ab:6e:c6:99:d7:17:
e8:4e:5d:e5:51:bb:ff:16:af:db:47:72:7e:e0:c3:e4:cd:39:
66:65:f8:f5:a6:a9:51:78:c9:e5:f4:70:3b:80:d0:ab:d1:4c:
c0:ea:90:2e:53:f9:8a:9b:c4:4d:87:28:a9:dd:dc:c0:18:2b:
0e:dd:ae:1c:cb:f2:ce:b1:cc:d6:f4:49:1b:b2:ed:11:05:56:
bd:d2:e9:8b:6d:03:d9:a4:bf:40:5c:85:50:ad:20:fd:84:21:
79:6e:15:27:6c:56:cd:f4:63:1f:12:96:a0:e1:8a:f2:7e:50:
f4:ca:a3:9a:3f:34:81:93:9a:98:67:36:3c:8c:43:af:c9:b1:
fd:c2:7e:c1:57:7a:a3:66:3b:33:93:f7:5a:98:a0:16:bd:82:
99:92:3c:1a:14:59:d4:4b:97:f9:a8:ec:5d:33:b1:a1:dc:39:
4d:24:f1:c2:3b:54:ec:a2:44:9b:84:c7:db:8f:c7:79:52:cd:
8b:ae:d4:06:1f:63:24:cf:45:cd:4b:99:25:b2:68:8a:6c:8d:
10:23:8a:b4:51:df:3a:c1:38:b7:21:14:56:6b:f2:80:6a:d5:
4a:13:e6:c6:6d:95:2e:bc:a5:41:f1:cb:55:47:33:18:34:55:
6e:7b:49:31
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUHxucW7WsFD8ACr1XQ5Za2RJg3FkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA5MDExOTUwMDdaFw0yNTEwMDYyMzU5NTlaMHoxSTBHBgNV
BAUTQGRhNjQ3Y2RlMWVjZTZmZTAyNTIyYzQyZTM5YTAxMzE3MDMyNTgzMWIxMzVl
YjFhMDRkZDdkM2VhN2FjZWQzMjkxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAOtF9OPS5eeBw8fJgjTCQezLfUimLyeUna0Q6x22FTFhrbUO0e/0UEFR5Vqk
w+Qnerc8/UqEez2AOxazLm7eEf7MtvvTOZqFP3TJuiCB1jhlPl6K5pwrEaPUr3p4
reszyPfitdEVJQJf29qRUMddo9NY+mL5umOY1C1yLTc13DDClL2OKsEQu27uRIrn
OSYgjSQtcTs3noMmP555LhXxo00h2XwdLbwqKTcZAnIt1/YqFr0zeMLS/cX1/T22
NuRQzDezMipd3lm6dO2gyuLQps2KHuDKaw1fxjDt/EcrBNFfMqQqRxt6NuzobkEH
WsTe0V6Zp8321USdYwmWsPuzmjMCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBTs2SY5
bOuFvBmc3C1DQJSlBqGolzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MWFhMzg0ODYtY2Q1My00ZjQ4LTg5MWQtYTAxOTFlZGYwNGExLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0ACQ
wDANBgkqhkiG9w0BAQsFAAOCAQEAclmjDtKmT0fTUaBxq27GmdcX6E5d5VG7/xav
20dyfuDD5M05ZmX49aapUXjJ5fRwO4DQq9FMwOqQLlP5ipvETYcoqd3cwBgrDt2u
HMvyzrHM1vRJG7LtEQVWvdLpi20D2aS/QFyFUK0g/YQheW4VJ2xWzfRjHxKWoOGK
8n5Q9Mqjmj80gZOamGc2PIxDr8mx/cJ+wVd6o2Y7M5P3WpigFr2CmZI8GhRZ1EuX
+ajsXTOxodw5TSTxwjtU7KJEm4TH24/HeVLNi67UBh9jJM9FzUuZJbJoimyNECOK
tFHfOsE4tyEUVmvygGrVShPmxm2VLrylQfHLVUczGDRVbntJMQ==
-----END CERTIFICATE-----
Generated at Mon Sep 8 12:08:16 2025 by rpki-client